Re: [Openvpn-devel] [PATCH 2/2] systemd: Do not mask usernames when querying for it via systemd-ask-password

Tue, 07 Oct 2014 17:57:12 +0000 

On Tue, Oct 7, 2014 at 8:23 AM, David Sommerseth <
openvpn.l...@topphemmelig.net> wrote:

> From: David Sommerseth <dav...@redhat.com>
>
> In systemd after version 216, systemd-ask-password will support --echo
> which
> will avoid masking the user input.  As OpenVPN uses this mechanism
> collecting
> usernames when systemd is available, this will avoid the input of
> usernames to
> be masked.
>
> This patch also adds the --icon argument, which is aimed at graphical
> inputs.
> For example when OpenVPN is started at system boot-time using a graphical
> boot
> interface such as Plymouth.
>
> Signed-off-by: David Sommerseth <dav...@redhat.com>
> ---
>  configure.ac          | 1 +
>  src/openvpn/console.c | 8 ++++++++
>  2 files changed, 9 insertions(+)
>
> diff --git a/configure.ac b/configure.ac
> index 608ab6d..09f32d4 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -1017,6 +1017,7 @@ if test "$enable_systemd" = "yes" ; then
>      AC_CHECK_FUNCS([sd_booted], [], [AC_MSG_ERROR([systemd library is
> missing sd_booted()])])
>      OPTIONAL_SYSTEMD_LIBS="${libsystemd_LIBS}"
>      AC_DEFINE(ENABLE_SYSTEMD, 1, [Enable systemd integration])
> +    AC_DEFINE_UNQUOTED(SYSTEMD_VERSION, [`echo
> ${libsystemd_MODVERSION}`], [systemd version installed])
>      LIBS="${saved_LIBS}"
>  fi
>
> diff --git a/src/openvpn/console.c b/src/openvpn/console.c
> index d66d408..5d4d878 100644
> --- a/src/openvpn/console.c
> +++ b/src/openvpn/console.c
> @@ -167,6 +167,14 @@ get_console_input_systemd (const char *prompt, const
> bool echo, char *input, con
>
>    argv_init (&argv);
>    argv_printf (&argv, SYSTEMD_ASK_PASSWORD_PATH);
> +
> +#if SYSTEMD_VERSION > 216
> +  if( echo )
> +    {
> +      argv_printf_cat(&argv, "--echo");
> +    }
> +#endif
> +  argv_printf_cat (&argv, "--icon=network-wired");
>    argv_printf_cat (&argv, "%s", prompt);
>
>    if ((std_out = openvpn_popen (&argv, NULL)) < 0) {
> --
> 1.8.3.1
>
>
>
> ------------------------------------------------------------------------------
> Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
> Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
> Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
> Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
>
> http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
> _______________________________________________
> Openvpn-devel mailing list
> Openvpn-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/openvpn-devel
>

ACK.  Enables systemd features on systemd systems, and looks like a no-op
on non-systemd systems.

-- 
http://cecinestpasunefromage.wordpress.com/
------------------------------------------------
in your fear, seek only peace
in your fear, seek only love

-d. bowie

Reply via email to